Is AI Going to Change Everything in Cybersecurity? Yes! But Not Like You Think.

Solutions Review’s Contributed Content Series is a collection of contributed articles written by thought leaders in enterprise software categories. Nima Baiati of Lenovo answers the question on everyone’s mind: “Is AI Going to Change Everything in Cybersecurity?” Yes… but not like you think!

Perhaps not since Gutenberg’s printing press has a technology simultaneously created as much uncertainty, doubt, and fear of missing out as Artificial Intelligence (AI). There is enormous potential for disruption and productivity, particularly in cybersecurity, where the stakes for enterprises are already high and continually rising.

However, with that being said, chief technology officers (CTOs) and chief security officers (CSOs) have no more reason to panic or stress than usual.

Is AI Going to Change Everything in Cybersecurity? Yes! But Not Like You Think.

Better Spears, Better Shields

Security has always been a tough game, and there’s no reason to believe it’s going to get any easier. It is undoubtedly concerning that Generative AI (GAI) has the potential to provide malicious individuals with more advanced capabilities. Passwords may be compromised more readily, deepfakes could exploit vulnerabilities in social engineering, and hackers might enhance their malware with greater ingenuity, resulting in an acceleration of cyber-attacks.

Nevertheless, the good news is the same tools available to potential attackers will also be in the hands of defenders. This means an increasing number of cybersecurity activities can be automated and, therefore, more efficient. AI is being used for better risk analysis, threat detection, and automating alerts and responses. AI can also help balance security and user experience (UX) by analyzing behavioral data and simplifying verification— this is critical because an overly secure gate ceases to function as a serviceable passageway.

The new efficiencies gained by AI-enabled cybersecurity tools can help address the critical shortage of skilled labor in the field. Smaller organizations, such as small to medium-sized businesses (SMBs) and educational institutions, that lack the budgets and resources of government and large enterprises, will be able to automate more security solutions and become somewhat harder targets. Overall, while technology advances, the core infrastructure of every organization’s security system will remain constant.

The Hands That Make and Hold the Shields

People, not technology, are the most critical components of any security system. A castle may have impregnable walls, but they do not matter very much if the guards are poorly trained, complacent, or corruptible. For hackers, a misappropriated key is always better than a battering ram.

Now, more than ever, organizations need to build better security cultures, especially since one of the biggest challenges with making systems and companies secure starts with people. Employees must be equipped with the training and support to maintain constant awareness of the nature of threats and vigilance against attacks. For example, social engineering for phishing attacks is becoming much more sophisticated because of deepfakes, but they can still be defeated when employees adhere to proper protocols.

Even more critical than end-user vigilance is security by design. Not only should software be reviewed for security, but it should also be built with security embedded in it. Device manufacturers and purchasers must make better decisions based on security outcomes, rather than just form, function, and cost. Computer original equipment manufacturers (OEMs), for example, should provide protection throughout the lifecycle of a device. This includes a transparent and secure supply chain to protect devices from the bottom up, defending against below-the-operating-system threats like a basic input/output system (BIOS) attack, and ensuring data protection between the operating system and the cloud. Buyers of computing devices who don’t audit for security by design and rely too much on after-market or bolted-on security should be aware of the risk they assume.

AI for All

The only thing limiting the impact of AI is our imagination. The ability to exponentially process more data and make more decisions will change everything for everyone, similar to how the internal combustion engine and electricity empowered us to do more, faster.

This is a positive development because there are vastly more people striving to achieve good outcomes than bad actors looking to steal data or destroy value. However, to protect our organizations and harness the benefits of AI, we will need good decisions and vigilant behavior.

A critical aspect is ensuring that security is intrinsically built into every stage of development and deployment. Each organization will have its own security needs, frameworks, and different types of security threats, so it will be important for organizations to identify those nuances. When examining devices, for example, it is vital to integrate security into all layers of the platform: supply chain, below-operating system, and above-operating system.

Not all data can be protected equally, and the goal of achieving zero cybersecurity breaches is simply unattainable, given the vast threat of the landscape. Therefore, business leaders and security experts must make strategic decisions about their prime concerns and how to protect their assets. Overall, AI tools that support security-minded cultures with the right priorities will be able to achieve better defenses.